Stars
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
BChecks collection for Burp Suite Professional
BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
grep rough audit - source code auditing tool
Common password pattern generator using strings list
A plugin for Burp Suite Pro that uses the GraphQL schema to begin Active Scanning the entire endpoint.
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.
Red-Darkin / bigip-scanner
Forked from BishopFox/bigip-scannerDetermine the running software version of a remote F5 BIG-IP management interface.
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
Exploiting XSS with Javascript/JPEG Polyglot (by @medusa_0xf)
exploit for f5-big-ip RCE cve-2023-46747
Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
Information about web3 security and programming tutorials/tools
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
sergiovks / rpcenum
Forked from s4vitar/rpcenumHerramienta en Bash ideal para extraer la información más relevante de un dominio vía rpcclient.